Recent Bank of England warning and why AI-driven cyber threats are now a top concern for banking regulators globally


Key takeaways 

  • The latest frontier AI models can identify and exploit vulnerabilities faster, at a greater scale and at a lower cost than previous tools. 
  • UK regulators have warned that organizations with weak cyber security fundamentals will become progressively more exposed. 
  • This is not a UK-only issue. Regulators in the EU, Australia and Singapore are also increasing their focus on AI risk management and cyber resilience. 
  • AI is creating a dual challenge for banks. Financial institutions need to govern their internal use of AI while preparing for threat actors to use the same technology against them. 
  • The practical question is whether organizations can connect AI risk, cyber risk, third-party risk and operational resilience through clear ownership, live controls and defensible evidence. 

Introduction: Is AI changing the cyber threat environment faster than organizations can respond? 

AI is not only a technology that organizations need to govern internally. It is also reshaping the external cyber threat environment. Used well, AI can help teams detect vulnerabilities, strengthen defenses and respond to incidents more quickly. However, the same capabilities can create new attack pathways and allow threat actors to identify and exploit weaknesses at greater speed, scale and precision. 

The World Economic Forum’s Global Cybersecurity Outlook 2026 found that 94% of survey respondents expect AI to be the most significant driver of change in cyber security in 2026. Singapore’s Minister-in-Charge of Cybersecurity captured the challenge clearly: 

“The risks transcend borders, and the challenge is to maximize AI’s benefits, including to strengthen our cyber resilience, while minimizing its risks.” 

Josephine Teo, Singapore’s Minister for Digital Development and Information and Minister-in-Charge of Cybersecurity

The warning is particularly urgent in financial services. Banks support critical services, hold sensitive data and rely on complex networks of technology providers. A cyber incident can affect customers, markets and wider financial stability. Risk leaders therefore need to treat AI governance and cyber resilience as connected issues, rather than separate areas of responsibility. 

As Rita Parmar, a Senior Risk Officer with extensive experience across the financial-services sector, explained during CoreStream GRC’s Spotlight on Women in GRC podcast: 

“My current focus is generically across non-financial risk. So, it’s going to be third-party risk, data, information and cybersecurity. And then it encroaches on various other areas, like geopolitical risk and AI.” 

The banking sector offers an early indication of the governance questions that organizations across other industries will increasingly need to answer.  

  • Are existing controls keeping pace with the changing threat environment?  
  • Can vulnerabilities be identified, prioritized and escalated quickly?  
  • And can the organization prove that its cyber-resilience measures are operating effectively in practice? 


The UK banking regulator deemed AI-driven cyber threats a top priority 

AI adoption is already widespread across UK financial services. A joint survey by the Bank of England and FCA found that 75% of responding firms were already using AI, with a further 10% planning to adopt it within 3 years. The same research found that organizations expected the median number of AI use cases to more than double over that period, from 9 to 21. 

However, the rapid development of frontier AI models is creating a new set of risks for banks to manage.

Speaking to the Financial Times, Sam Woods, the outgoing Chief Executive of the Prudential Regulation Authority, said that AI-driven cyber risk now sits at the top of his list of concerns: 

“If I had to point to an area where it feels to me like it is unsettled and it could lead to a significant problem, this would be top of the list.” 

Woods’ concern is not limited to how banks use AI internally. Increasingly capable models can help identify hidden vulnerabilities in IT systems, creating a risk that weaknesses could be found and exploited faster than organizations can patch them. He said banks may need to deliver “a significant uplift in both the volume and speed” of software patching, categorize IT systems to identify higher-risk open-source code, and reconsider their technology priorities. 

This is not a distant theoretical risk. It is a practical control-capacity issue. As the tools available to attackers become faster and more scalable, financial institutions need to assess whether their vulnerability-management processes, resourcing decisions and remediation timelines can keep pace. 

What are UK regulators asking financial institutions to do now? 

The regulatory response is already taking shape. On 15 May 2026, the Bank of England, FCA and HM Treasury published a joint statement on frontier AI models and cyber resilience. It warned that frontier AI models represent “a step-change in capability”, with significant implications for cyber security and operational resilience. 

The statement said that the cyber capabilities of current frontier AI models already exceed what a skilled practitioner could achieve, operating at greater speed and scale and at lower cost. Used maliciously, these capabilities could amplify threats to firms’ safety and soundness, customers, market integrity and wider financial stability. Organizations that have underinvested in core cyber security fundamentals are likely to become progressively more exposed. 

The statement does not introduce new regulatory expectations. Instead, it reinforces the need for firms to translate existing expectations into practical action as the operating environment becomes more complex. The Bank of England, FCA and HM Treasury highlighted several connected priorities: 

  • Ensuring boards and senior management understand frontier AI risks. 
  • Reviewing investment and resourcing decisions, including exposure created by end-of-life systems. 
  • Identifying, prioritizing and remediating vulnerabilities more quickly and at scale. 
  • Monitoring risks across third parties, supply chains and open-source software. 
  • Strengthening access management, network security and data protection. 
  • Testing whether the organization can respond to and recover from disruption quickly. 

The direction is clear. A policy document or risk statement is not enough. Firms need the operational capability to identify vulnerabilities, assign ownership, prioritize action and produce evidence that controls are working in practice. 

“Of course, proof still matters. The market needs evidence around accuracy, auditability, repeatability, control, cost economics, and real-world performance.” 

Michael Rasmussen, GRC Analyst and GRC 2020 founder  

That principle applies to both the internal use of AI and the wider cyber threat environment. As AI-driven threats become faster and more scalable, financial institutions need a connected view of their technology estates, critical dependencies and control environments. The question is not simply whether controls exist. It is whether firms can show that those controls are effective when the threat environment changes. 


Looking beyond the UK into the global banking trend 

The UK warning is not an isolated development. Regulators in other major financial centers are also examining how AI is changing the cyber threat environment and what financial institutions need to do in response. The emphasis differs across jurisdictions, but the direction is consistent: banks need stronger governance, faster remediation processes and clearer accountability as AI adoption accelerates. 

European Central Bank   

AI adoption is already widespread across Europe’s banking sector. According to the European Central Bank, more than 85% of banks under European banking supervision use AI. 

On 3 June 2026, Frank Elderson, Vice-Chair of the ECB Supervisory Board, said that the latest generation of frontier AI models represents more than an incremental improvement in cyber capability: 

“They are a structural shift in the economics of cyber risk.” 

These tools could allow malicious actors to discover and exploit vulnerabilities faster, combine smaller weaknesses into serious attacks and reverse-engineer patches into new attack opportunities. As the technical expertise, time and cost required to launch sophisticated attacks fall, a wider range of threat actors may gain access to capabilities that were previously difficult to obtain. 

The ECB plans to send a “dear CEO letter” to supervised banks requesting proactive measures to protect the continued robustness and security of their systems. Elderson’s central point is that this cannot be treated solely as a technical cyber security issue. It is a firm-wide strategic challenge requiring clear management ownership, appropriate resources and sustained investment. 

“The speed, scale and accessibility of advanced cyber capabilities are increasing, and the time available to defenders is shrinking.” 

Australian Prudential Regulation Authority  

The Australian Prudential Regulation Authority has reached a similar conclusion. On 30 April 2026, APRA called for a step-change in AI-related risk management and governance across banks, insurers and superannuation trustees. 

The warning is supported by a wider global trend. The World Economic Forum’s Global Cybersecurity Outlook 2026 found that 87% of respondents identified AI-related vulnerabilities as the fastest-growing cyber risk during 2025. 

APRA’s findings were based on a deep-dive exercise involving a sample of large regulated organizations. It found that information-security practices were struggling to keep pace with the speed and complexity of AI adoption: 

“AI adoption is materially changing the cyber threat landscape.” 

The regulator identified several practical weaknesses: 

  • Identity and access-management processes had not fully adapted to nonhuman actors such as AI agents. 
  • AI-assisted software development was placing pressure on change and release-management controls. 
  • Security-testing programs did not always reflect the changing threat environment. 
  • Patching and configuration-management timelines were not consistently aligned with the speed at which new vulnerabilities were emerging. 
  • Employees were using AI tools outside approved control frameworks. 
  • Some organizations relied too heavily on policy direction and after-the-fact detection rather than preventative technical controls. 

The issue is not simply whether financial institutions have adopted AI policies. It is whether governance, assurance and remediation processes can keep pace as the technology changes. 

Monetary Authority of Singapore  

Singapore provides a useful complementary example. Rather than focusing only on the risks, the Monetary Authority of Singapore has worked with the financial-services sector through Project MindForge to develop practical resources for AI risk management. 

The need for this work is clear. In a November 2025 speech, the MAS Managing Director said that more than 30 financial institutions had established AI functions in Singapore, including insurers and Singapore-based AI hubs supporting wider operations. 

The Singapore approach does not contradict the warnings from the UK, Europe or Australia. It reinforces the same point from a different angle. Financial institutions need frameworks that allow them to use AI safely, with clear accountability and human oversight, without slowing every use case to a halt. 

Taken together, these regulatory developments point to a wider shift. AI risk management is moving beyond high-level principles. Regulators increasingly expect financial institutions to show how AI risks are identified, governed, tested, and monitored in practice. 

Why is this bigger than vulnerability patching? 

The challenge extends far beyond fixing weaknesses in a bank’s own technology estate. Financial institutions do not operate in isolation. They rely on cloud providers, telecommunications networks, payment systems, utilities, software libraries and external technology suppliers to deliver critical services. 

Frontier AI tools could make weaknesses within those dependencies easier to identify and exploit. A vulnerability within a widely used provider may not affect one organization alone. It could create disruption across multiple firms at the same time. 

As Frank Elderson, Vice-Chair of the ECB Supervisory Board, warned: 

“Scenarios that were once considered tail risks may become more likely, such as vulnerabilities in a single, widely used infrastructure quickly escalating into disruption across an entire sector, with knock-on effects on banks’ ability to operate.” 

The concern is already reflected in wider business attitudes. The World Economic Forum found that 65% of large companies by revenue identified third-party and supply-chain vulnerabilities as their greatest cyber resilience challenge, up from 54% in 2025. 

The practical issue is visibility. A supplier register is not enough. Organizations need to know which third parties support their most critical services, where concentration risks sit and how quickly they could respond if a weakness further down the chain was exposed. 

This is not only a banking issue. The same questions apply to organizations across regulated and operationally complex industries. As AI-driven attacks become faster and more scalable, third-party risk management needs to move beyond periodic assessments toward continuous oversight, clear escalation routes and evidence that critical dependencies have been tested. 
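One way to make the visibility question above concrete, as an added example that is not from the post or from CoreStream GRC: a small Python script over a constructed service-dependency register (every service and supplier name is invented) that inverts the register to find suppliers supporting several critical services and shows, per supplier, which services would suffer a hard outage because no tested fallback exists.

```python
from collections import defaultdict

# Constructed sample register (all names invented): critical service ->
# {supplier: has_tested_fallback}. A real register would be exported from
# the third-party inventory or CMDB.
SERVICE_DEPENDENCIES = {
    "retail-payments": {"cloud-a": False, "card-scheme-x": False, "telco-1": True},
    "online-banking":  {"cloud-a": False, "identity-idp": False, "telco-1": True},
    "treasury":        {"cloud-b": True, "market-data-y": False},
    "mobile-app":      {"cloud-a": False, "identity-idp": True, "push-vendor": True},
}


def services_by_supplier(register):
    """Invert the register: supplier -> set of critical services relying on it.
    A plain supplier list never shows this view; the service mapping does."""
    index = defaultdict(set)
    for service, deps in register.items():
        for supplier in deps:
            index[supplier].add(service)
    return dict(index)


def concentration_risks(register, threshold=2):
    """Suppliers whose loss would hit at least `threshold` critical services,
    most widely used first. These are the 'single, widely used infrastructure'
    cases that can turn one weakness into multi-service disruption."""
    index = services_by_supplier(register)
    hits = [(s, sorted(v)) for s, v in index.items() if len(v) >= threshold]
    return sorted(hits, key=lambda item: (-len(item[1]), item[0]))


def blast_radius(register, supplier):
    """Split the services depending on `supplier` into those with no tested
    fallback (a hard outage if the supplier is compromised) and those that
    could degrade gracefully because a fallback has been exercised."""
    hard, degraded = [], []
    for service, deps in register.items():
        if supplier in deps:
            (degraded if deps[supplier] else hard).append(service)
    return {"no_fallback": sorted(hard), "tested_fallback": sorted(degraded)}


if __name__ == "__main__":
    for supplier, services in concentration_risks(SERVICE_DEPENDENCIES):
        radius = blast_radius(SERVICE_DEPENDENCIES, supplier)
        print(f"{supplier}: supports {len(services)} critical services; "
              f"hard outage for {radius['no_fallback'] or 'none'}")
```

The output is the kind of evidence a board question about concentration risk needs: not the supplier list, but which suppliers sit under several critical services and whether a fallback for each has actually been tested.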

What should boards and risk leaders be asking now? 

AI-driven cyber risk cannot sit solely with cyber security teams. It cuts across governance, risk, compliance, technology, procurement and operational resilience. 

The Bank of England, FCA and HM Treasury statement makes the governance expectation clear: 

“Firms should ensure their boards and senior management have sufficient understanding of frontier AI risks.” 

For boards, the priority is not learning every technical detail. It is understanding where the organization is exposed, whether the right owners are accountable and whether the business can respond quickly when conditions change. 

Boards and risk leaders should be asking: 

  • Which AI-related cyber risks could affect our critical services? 
  • Which vulnerabilities require priority remediation? 
  • Which third parties and software dependencies create concentration risk? 
  • How quickly can control owners identify, escalate and resolve issues? 
  • Are our fallback processes credible and tested? 
  • Can we produce evidence that controls are operating effectively? 
  • Are risk, control and incident data connected across the business? 

The challenge is not producing more reports. It is making risk information usable when decisions need to be made quickly. 

Organizations need a connected view of risks, controls, owners, actions and evidence. Without that visibility, teams may have policies and processes in place but still struggle to prove that they can respond at the speed the threat environment now demands. 

Conclusion: AI governance and cyber resilience can no longer be managed separately 

AI can help organizations strengthen threat detection, improve vulnerability management and respond to incidents more quickly. However, it can also give attackers faster and more scalable ways to identify weaknesses, combine smaller vulnerabilities and exploit gaps across increasingly complex technology environments. 

The banking sector offers an early indication of the governance questions that organizations across other industries will increasingly need to answer. Where do the most important risks sit? Who owns them? How quickly can teams escalate and remediate issues? And can the organization show that its controls are operating effectively when the threat environment changes? 

AI governance cannot be treated as a standalone policy exercise. It needs to connect with cyber security, third-party risk and operational resilience. The goal is not to introduce another layer of process. It is to give leaders a clear, current and defensible view of where the organization is exposed and what needs to happen next. 

“Value-based GRC is not about generating more reports or adding more layers of process. It is about giving the organization the visibility to understand where risk sits, the accountability to act on it and the evidence to show that controls are working when it matters. As AI changes the cyber threat environment, that connected view becomes even more important.” 

Paul Cadwallader, GRC Strategy Director, CoreStream GRC 

For organizations, the practical question is straightforward: can your governance processes keep pace with the risks the business now faces? 

Explore how CoreStream GRC can help you build a more connected and defensible approach to governance, risk and compliance. 

FAQs on AI cyber security risk in banking

Why are AI-driven cyber threats now a top concern for banking regulators?

AI-driven cyber threats are a growing concern because advanced AI models can identify and exploit system vulnerabilities faster, at greater scale, and at lower cost than traditional attack methods. This increases the risk of large-scale disruptions across financial systems, prompting regulators like the Bank of England, ECB, and APRA to prioritize cyber resilience and AI risk governance.

How is AI changing cyber risk management in financial services?

AI is transforming cyber risk management by creating a dual challenge for banks: they must govern their internal use of AI while defending against attackers using the same technology. This requires faster vulnerability detection, continuous monitoring, stronger access controls, and the ability to connect cyber risk with broader operational and third-party risks.

What are regulators expecting banks to do about AI and cyber security risks?

Regulators expect banks to strengthen core cyber security fundamentals, improve vulnerability management, and ensure clear accountability at board and senior management levels. This includes prioritizing high-risk systems, accelerating patching processes, monitoring third-party dependencies, and demonstrating that controls are effective through audit-ready evidence.

How can financial institutions improve resilience to AI-driven cyber attacks?

Financial institutions can improve resilience by adopting a connected GRC approach that brings together AI governance, cyber security, third-party risk, and operational resilience. This includes implementing real-time risk visibility, assigning clear ownership, automating control workflows, and maintaining continuous evidence to prove that controls are working effectively in a rapidly evolving threat landscape.
